Consider this example:
    import java.lang.reflect.Field;
    public class Test {
        public static void main(String[] args) {
            C c = new C();
            try
Yes, it's not nice, but it does allow frameworks such as Java Serialization to work.
Setting the accessible flag in a reflected object permits sophisticated applications with sufficient privilege, such as Java Object Serialization or other persistence mechanisms, to manipulate objects in a manner that would normally be prohibited.
I believe that the functionality can be disabled through the SecurityManager:
http://javabeans.asia/2008/10/12/how_to_set_securitymanager_and_java_security_policy_programmatically.html
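The behaviour discussed above, as an added example that is not part of the original question or answer: a private field is read through `setAccessible(true)`, then the same read is refused once a SecurityManager denies `ReflectPermission("suppressAccessChecks")`. The `Secret` and `AccessibleDemo` classes and the sample value are constructed for illustration, and the second half assumes a JDK that still allows a SecurityManager to be installed at run time (the API is deprecated for removal since Java 17).

```java
import java.lang.reflect.Field;
import java.lang.reflect.ReflectPermission;
import java.security.Permission;
// Hypothetical target class, constructed for this example.
class Secret {
    private String token = "constructed-sample-value";
}

public class AccessibleDemo {
    // Reads Secret.token reflectively; returns the value or the reason it failed.
    static String readPrivate(Secret s) {
        try {
            Field f = Secret.class.getDeclaredField("token");
            // With a SecurityManager installed, this call checks
            // ReflectPermission("suppressAccessChecks") before lifting access checks.
            f.setAccessible(true);
            return "read: " + f.get(s);
        } catch (SecurityException e) {
            return "denied by SecurityManager";
        } catch (ReflectiveOperationException e) {
            return "reflection error";
        }
    }

    static void report(String label) {
        System.out.println(label + readPrivate(new Secret()));
    }

    public static void main(String[] args) {
        report("no SecurityManager   -> ");
        // Minimal manager: refuse only the permission setAccessible(true) needs.
        SecurityManager sm = new SecurityManager() {
            @Override
            public void checkPermission(Permission p) {
                if (p instanceof ReflectPermission
                        && "suppressAccessChecks".equals(p.getName())) {
                    throw new SecurityException("suppressAccessChecks not granted");
                }
            }
        };
        try {
            System.setSecurityManager(sm);
            report("with SecurityManager -> ");
        } catch (UnsupportedOperationException e) {
            // Newer JDKs refuse to install a SecurityManager at run time.
            System.out.println("SecurityManager unavailable on this JDK");
        }
    }
}
```

A production policy would grant `suppressAccessChecks` only to the code that needs it, such as a serialization or persistence library, rather than denying it globally as this minimal manager does.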